It is unacceptable that nothing has been said or done to protect others from this exploit. I won't be using bitshares anymore.

A *lot* has been said *and* done. But of course it's easier to blame the tools than to admit your own fault.

If someone walked up to you and said "Hello, my name is Mr. Policeman. Please give me your money and the keys to your house, I will protect them for you.", would you do it? (The sad truth is that even in the real world people fall for this. They don't stop using money though.)

The UI has made approving proposals a 3-step-process, see post from Stefan above. Unfortunatly, people have been taught for years that whenever their computer pops up a box they MUST NOT READ IT and the MUST CLICK ON OK.

McAfee's risk category - PUPs - Acronym for potentially unwanted program. PUP or PUPs is a term used to describe unwanted programs such as Trojans, spyware and adware, along with other malware which may compromise your privacy. I would like to know if BitShares are doing something to resolve it.

No actually this accident can happen to anyone, the proposal is right there on the UI to accept and an uninformed / fatigued user will make the same mistake

It happened to me on Saturday... I have been using crypto since 2012 and have had a BTS account for many years. I was on OL and had just sent myself a small transfer to a phone wallet, but it was taking longer than usual. So, I checked back to my OL account and saw this new tab "proposal" with pending, I thought oh that's OL checking to make sure I want to send my funds, I even saw Openledger in the name, turns out it was openledger-delagate and a scammer. I checked back an hour later and my account balance was zero... I had been drained of 1.7 BTC converted to 300,000 BTS.

If anyone wants to take a look they can see my account name at kurtduncan

I have asked Openledger if they can refund in a goodwill gesture, but have not heard anything back.

This sort of thing should be switched off by default. I now have no crypto